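<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>CSRF protection demo</title>
</head>
<body>
{# The heading text is Simplified Chinese, so it carries its own lang while the page stays lang="en". #}
<h1 lang="zh-Hans">演示csrf防护机制</h1>

{# Send the POST request from a form so that the CSRF token travels with it. #}
{# Template comments are stripped on the server, so none of these notes reach the browser. #}
<form method="post">
    {# Django renders a hidden input named csrfmiddlewaretoken here. #}
    {# CsrfViewMiddleware answers 403 when a POST arrives without a valid token. #}
    {% csrf_token %}
    <input type="submit">
</form>

{% comment %}
An AJAX request does not submit the hidden form field, so the token has to be
sent in a request header instead.

With default settings Django reads the token from the X-CSRFToken header
(configurable through CSRF_HEADER_NAME), and the jQuery option that sets
request headers is "headers" (plural). A key such as "csrf_token" under
"header" is ignored on both sides and the request is rejected with 403.

$.ajax({
    type: "POST",
    headers: {
        // placeholder: read the value from the csrftoken cookie or from the
        // hidden csrfmiddlewaretoken input rendered by the csrf_token tag
        "X-CSRFToken": csrftoken
    }
})

Attach the header to same-origin requests only, so the token is never
disclosed to another site.
{% endcomment %}


</body>
</html>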